Recent Posts
Follow Us
twittergoogle_pluslinkedinrssyoutube
The Legal Stuff
BT Policyholder Protection Blog
0 0

24 May 2018 The Cloud: Selected Benefits, Risks, and Insurance Coverage Issues – Part 2

This article is the second part in the series, The Cloud: Selected Benefits, Risks, and Insurance Coverage Issues. It was prepared in connection with PLI’s Cloud Computing conference. It was authored by Barnes & Thornburg attorneys, Scott Godes, Kara Cleary, Heidi Fessler and Michael Baumert.   Insurance Coverage Issues for the Cloud   In addition to the insurance best practices mentioned above, the cloud can raise multiple insurance issues that should be considered carefully.  For example, how would insurance provide coverage to the cloud provider or the user if there were a data breach or denial of service attack?  But, there are other events in the cyberspace that both cloud providers and users should consider, such as the situation where users cannot access the cloud…

READ MORE
0 0

25 Jan 2018 Avoid Insurance Related Risks to Help Your Bottom Line

  With the new year in full gear, your company likely has set revenue and growth goals for 2018. Unfortunately, just one uninsured or underinsured loss can often derail these efforts. Therefore, this is a great time for companies to review their insurance program and keep some of these best practices in mind:   First, check out Ken Gorenberg’s recent post that provides some great “New Year’s Resolutions for Policyholders.”   Consider reviewing your claims history over the last few years. Are there trends? Are there steps that might be available to your company to mitigate those particular risks? Moreover, how does your insurance program’s coverage limits align with those risks?   Does your company have procedures in place to determine when and how to…

READ MORE
0 0

25 Apr 2016 Scott Godes quoted in Legaltech News Article “Cyberinsurance: A Necessary Protection in the Digital Era?”

Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in a Legaltech News article, “Cyberinsurance: A Necessary Protection in the Digital Era?”   Between 2005 and 2015, more than 5,000 must-report data breach incidents were tracked; and since 2002, breach notification laws have been enacted in 47 states. Given the rising number of breaches and response costs, companies are turning to cyberinsurance for remediation.   Scott is quoted numerous times within the article, including one note stating, “A data breach, and several courts have agreed, particularly when the information is put online, involves the publication of materials that violates a person’s right to privacy. And yet, notwithstanding this good case law, for policyholders, insurance companies continue to…

READ MORE
0 0

16 Mar 2016 Scott Godes Quoted in Law360: Insurance Article “Data Breach Report Shows Cyberinsurance Not A Cure-All”

  Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in a Law360: Insurance article, “Data Breach Report Shows Cyberinsurance Not A Cure-All.”   The article discusses how companies are managing cyber risks and turning to cyberinsurance policies to handle data breaches.  The article highlights a recent study discussing the size and scope of common data breaches and whether cyberinsurance policies would respond to such incidents.   Scott is quoted in the article saying, “There are some policies that have a retention or deductible that can be significantly lower for the costs of forensic investigation, breach letters or crisis management than the deductible for putative class actions and dealing with regulatory investigations.”   Read the full article here….

READ MORE
0 0

27 Oct 2015 Scott Godes quoted in Law360 Article, “Privacy ‘Bill of Rights’ to Boost Demand for Breach Coverage”

Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in a Law360 article, “Privacy ‘Bill of Rights’ to Boost Demand for Breach Coverage.”   The article highlights the recently introduced privacy bill of rights and changes to the regulatory environment that could change the cyberinsurance marketplace for  policyholders.   Scott is noted saying, “Cyberinsurance remains the Wild West of insurance. But with the changing regulatory environment, we’re starting to see changing prices and the market opening up and tightening up.”   Read the full article here. Scott GodesScott N. Godes is a veteran trial lawyer with experience in insurance coverage matters and technology issues. He is a partner in Barnes & Thornburg LLP’s Washington, D.C., office and…

READ MORE
0 0

08 Oct 2015 Regulation S-P Violation: Are You Prepared For A Cyber-Security Breach?

On Sept. 22, 2015, the Securities and Exchange Commission (SEC) announced the first violation by a registered investment advisor of the so-called Safeguards Rule (Regulation S-P) pertaining to the protection of personally identifiable information from cyber-attack. This is the first instance of the SEC enforcing Regulation S-P against an investment advisor.   The Regulation, broadly speaking, requires broker-dealers, investment advisers and other financial firms to protect confidential customer information from unauthorized release to unaffiliated third parties. Included in Regulation S-P is the “Safeguard Rule” (Rule 30(a)), which requires financial institutions to, among other things, adopt written policies and procedures reasonably designed to protect customer information against cyber-attacks.  This raises the question:  Are you prepared for a cyber-attack (and the attendant liability)?   In its findings,…

READ MORE
0 0

20 Aug 2015 What Insurance Should Cover Target’s Visa Settlement?

Two years later, and the Target data breach continues to make headlines.   Does anyone need to be reminded that Target suffered a data breach in 2013? Seeing that the breach continues to be litigated and settlements continue to be announced with payment card brands, it is difficult to forget the incident.   Most recently, Target announced that it had reached a settlement with Visa.[1] According to reports, Target could “pay as much as $67 million to banks that issue Visa cards.”[2] Target’s earlier $19 million settlement with MasterCard[3] ended up being scuttled; Target and MasterCard reportedly are working on another resolution.[4]   What is Target settling?   Target’s settlement with Visa likely is to resolve the alleged damages resulting from Target’s payment card breach….

READ MORE
0 0

06 Jul 2015 Scott Godes Quoted in Law360 Article, “4 Cyberinsurance Battlegrounds to Watch”

Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in Law360’s article, “4 Cyberinsurance Battlegrounds to Watch.”   The article examines four key battlegrounds to watch when seeking coverage under cyberinsurance policies.  Scott was quoted multiple times about exclusions and limitations within cyberinsurance policies.  One of Scott’s quotes related to an insurance company’s recent denial of coverage based on alleged security requirements within a cyberinsurance policy.  Scott is quoted saying,   “The idea that an alleged failure to meet some security requirement would result in the exclusion of coverage should be seen as offensive. It puts a policyholder in a spot where, every time a claim is made, there is a trapdoor to coverage.”   Scott gave…

READ MORE
0 0

17 Jun 2015 Cyber Insurance is Only for Retailers, Right?

News about cybersecurity and cyberattacks has changed. It seems that cyber criminals have broadened their focus beyond just data breaches involving personally identifiable information (PII) or protected health information (PHI). Now, a significant percentage of companies worldwide reportedly are facing attacks designed to shut down their computer networks, to delete data or control their equipment. This changing focus of cyber criminals makes clear that even though retailers, healthcare organizations, and banks have received a lot of media attention in this arena, all companies need to be prepared for a cyberattack. Diligent preparation includes not only implementing safeguard measures and response plans, but should also include an evaluation of your company’s insurance program to determine if you have sufficient coverage for your company’s potential cyber risks….

READ MORE
0 0

12 May 2015 Will Your Tech E&O Insurance Cover Your Retention of Someone Else’s Electronic Data?

Court Offers Narrow Interpretation of Cyberinsurance. If you’ve been paying attention to the news or any of your social media channels, you’ve probably heard people talking about cyberinsurance and that your company needs it. You might even have been told that cyberinsurance is a panacea for all risks related to cybersecurity and data privacy. To date, there has been very little publicly available litigation about the meaning of cyberinsurance policies. One federal court changed that with a decision issued on May 11, 2015, in Travelers Property Casualty Co. of America v. Federal Recovery Services, Inc., No. 2:14-cv-170 TS, slip op. (D. Utah May 11, 2015). Unfortunately, the decision ruled against the policyholder and offered a narrow interpretation of the cyberinsurance policy involved in the dispute….

READ MORE